Daily NCSC-FI news followup 2021-06-10

Minister Harakka: Investing in the information security and data protection of critical sectors is an investment in the future

www.lvm.fi/-/ministeri-harakka-panostus-kriittisten-toimialojen-tietoturvaan-ja-tietosuojaan-on-investointi-tulevaisuuteen-1376154 On 10 June 2021, the Government adopted a resolution outlining measures to improve the level of information security and data protection in sectors critical to society. The resolution's policies are based on the proposals of a cross-administrative working group that examined the matter.

Giant scam wave sweeps across Finland: beware of text messages!

www.iltalehti.fi/tietoturva/a/ffdd91fc-4435-4ce8-ab6a-6a47d69bc1d4 The National Cyber Security Centre (Kyberturvallisuuskeskus) is now warning of new scam messages that are probably linked to the same malware. Text messages containing links that may be related to the Android malware currently in circulation are now being sent from Finnish numbers, the centre says on its Twitter account. See also: https://twitter.com/CERTFI/status/1402586666217480192

BackdoorDiplomacy: Upgrading from Quarian to Turian

www.welivesecurity.com/2021/06/10/backdoordiplomacy-upgrading-quarian-turian/ An APT group that we are calling BackdoorDiplomacy, due to the main vertical of its victims, has been targeting Ministries of Foreign Affairs and telecommunication companies in Africa and the Middle East since at least 2017. For initial infection vectors, the group favors exploiting vulnerable internet-exposed devices such as web servers and management interfaces for networking equipment.

Russia accused of hacking Dutch police during MH17 investigation

blog.malwarebytes.com/reports/2021/06/russia-accused-of-hacking-dutch-police-during-mh17-investigation/ Journalists at the Dutch newspaper “De Volkskrant” have reported that the country’s intelligence service, AIVD, discovered in 2017 that Russian hackers had broken into Dutch police systems. The De Volkskrant report is based on knowledge from anonymous sources. The reason behind this act of espionage is thought to be the ongoing MH17 investigation.


Hackers breach gaming giant Electronic Arts, steal game source code

www.bleepingcomputer.com/news/security/hackers-breach-gaming-giant-electronic-arts-steal-game-source-code/ Hackers have breached the network of gaming giant Electronic Arts (EA) and claim to have stolen roughly 750 GB of data, including game source code and debug tools. EA confirmed the data breach in a statement sent to BleepingComputer saying that this “was not a ransomware attack, that a limited amount of code and related tools were stolen, and we do not expect any impact to our games or our business.”


Hackers can exploit bugs in Samsung pre-installed apps to spy on users

www.bleepingcomputer.com/news/security/hackers-can-exploit-bugs-in-samsung-pre-installed-apps-to-spy-on-users/ Samsung is working on patching multiple vulnerabilities affecting its mobile devices that could be used for spying or to take full control of the system. The bugs are part of a larger set discovered and reported responsibly by one security researcher through the company’s bug bounty program.

Ransomware: Meat firm JBS says it paid out $11m after attack

www.zdnet.com/article/ransomware-meat-firm-jbs-says-it-paid-out-11m-after-attack Global meatpacker JBS USA has paid $11 million in Bitcoin to cyberattackers that encrypted its files and disrupted operations in the US and Australia with ransomware, the company has said. JBS USA chief Andre Nogueira confirmed the company had made the payment to the attackers.

Emerging Ransomware Targets Dozens of Businesses Worldwide

thehackernews.com/2021/06/emerging-ransomware-targets-dozens-of.html An emerging ransomware strain in the threat landscape claims to have breached 30 organizations in just four months since it went operational, riding on the coattails of a notorious ransomware syndicate. First observed in February 2021, “Prometheus” is an offshoot of another well-known ransomware variant called Thanos, which was previously deployed against state-run organizations in the Middle East and North Africa last year.

New Chrome 0-Day Bug Under Active Attacks: Update Your Browser ASAP!

thehackernews.com/2021/06/new-chrome-0-day-bug-under-active.html Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update it immediately to the latest version Google released earlier today. The internet services company has rolled out an urgent update to the browser to address 14 newly discovered security issues, including a zero-day flaw that it says is being actively exploited in the wild.


Steam Gaming Platform Delivering Malware

threatpost.com/steam-gaming-delivering-malware/166784/ Emerging malware is lurking in Steam profile images. Look out for SteamHide, an emerging loader malware that disguises itself inside profile images on the gaming platform Steam, which researchers think is being developed for a wide-scale campaign.

Researchers create an ‘un-hackable’ quantum network over hundreds of kilometers using optical fiber

www.zdnet.com/article/researchers-created-an-un-hackable-quantum-network-over-hundreds-of-kilometers-using-optical-fiber/ Researchers from Toshiba have successfully sent quantum information over 600-kilometer-long optical fibers, creating a new distance record and paving the way for large-scale quantum networks that could be used to exchange information securely between cities and even countries.
